From 1a63cadc6e87ffb8ed410af3283f1395c0f84d07 Mon Sep 17 00:00:00 2001
From: Rich Megginson <rmeggins@redhat.com>
Date: Wed, 9 Apr 2014 13:24:26 -0600
Subject: [PATCH 198/225] Ticket #47774 mem leak in do_search - rawbase not
freed upon certain errors
https://fedorahosted.org/389/ticket/47774
Reviewed by: nhosoi (Thanks!)
Branch: 389-ds-base-1.2.11
Fix Description: Free the local rawbase variable if it was not set in the
pblock.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
(cherry picked from commit 1d5c6d6ca300a45305dba631a334ae9a1857d4cb)
(cherry picked from commit b065515935daa8fffe7a8eef3a66621cc8702018)
(cherry picked from commit 97f58ff4787ecb87780fde7245e354ec75e73125)
(cherry picked from commit 33bf4d42727804f5c10ce30834a2340c99cad459)
(cherry picked from commit 9426e0788c85fef950d41d2d5427b5b67fa6b0fd)
---
ldap/servers/slapd/search.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/ldap/servers/slapd/search.c b/ldap/servers/slapd/search.c
index 9f165a1..1f0050c 100644
--- a/ldap/servers/slapd/search.c
+++ b/ldap/servers/slapd/search.c
@@ -69,6 +69,7 @@ do_search( Slapi_PBlock *pb )
int i, err, attrsonly;
ber_int_t scope, deref, sizelimit, timelimit;
char *rawbase = NULL;
+ int rawbase_set_in_pb = 0; /* was rawbase set in pb? */
char *base = NULL, *fstr = NULL;
struct slapi_filter *filter = NULL;
char **attrs = NULL;
@@ -339,6 +340,7 @@ do_search( Slapi_PBlock *pb )
}
slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET_DN, rawbase );
+ rawbase_set_in_pb = 1; /* rawbase is now owned by pb */
slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, &scope );
slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, &deref );
slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, filter );
@@ -375,7 +377,9 @@ free_and_return:;
operation->o_flags &= ~OP_FLAG_PS;
}
/* we strdup'd this above - need to free */
- slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &rawbase);
+ if (rawbase_set_in_pb) {
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &rawbase);
+ }
slapi_ch_free_string(&rawbase);
}
}
--
1.8.1.4